My virus, trojan, malware experience..and resolution

03/29/2011 | Professional

[Professional]

Last week I got hit with a nasty set of viruses, malware, and trojans.

One of the first things I did, was to check out Freerepublic to get some free advice. Unfortunately, it didn't help much, so I've decided to try and add some value here for folks that have something similar happen to them.

My problems began, by using Google searches for information pertaining to the Japan Earthquake. Now, I suspect that part of these internet virus scams, is to embed the trouble in searches that are very popular at any given time.

I took the advice of this forum, and downloaded malwarebytes. Sure enough, it helped identify a bunch of the stuff, some that my avira virus scan could not detect. So, after identifying the problems, they were removed. I also did a system restore going back a few days in time, beyond the origination of the trouble.

Trouble is, that each time I restarted the computer, I got more viruses, etc. I also could no longer contact microsoft updates, it was being blocked. My browser was being hijacked, and I was getting all sorts of websites redirected, mostly about a survey and a free walmart gift card. While the computer ran, eventually I got a message reporting problems to WIN32 being shut down. This turned out to be a huge problem, because that would shut down the msft security center!

I did some searches about viruses, and that only brought me to MORE plague filled pages. This is a huge RISK, DO NOT DO SEARCHES about viruses!! Many fake leads using key words, then you wind up with more trouble than you started with.

I downloaded Microsoft Security essentials on another computer and put it on a thumb drive. I ran the program on the infected computer, but it could not solve the win32 problem, and I still could not use the internet to contact microsoft.

Ok, now I'm into this like 3 days, and I'm really, really getting ticked off. Nothing is working, and I'm about to call a guy and pay him to fix the computer. My concern there, is that they almost always just wipe out your computer, and give you a few of your old files back.... In my case, that means an enormous amount of work that I'd rather avoid.

Finally, I use the other computer to browse microsoft website about viruses. There was a toll free number available, so I gave it a shot, figuring that would be a long, long hold.... No, it rang straight through to Bombay. Raj does a remote takeover of my computer, and runs into one obstacle after the next. Finally he finds a way to get through, and do a virus scan. After 1/2 an hour or more....my computer is supposedly "clean". I get disconnected, and I go home and go to bed. But, Microsoft doesn't give up that easy. By Monday morning, I've gotten 2-3 emails at yahoo, and two voice mails at my office. Next thing you know, Bombay is calling me again.

Now, I've got one of their experts. He takes the computer over again, and this time he fixes the busted windows registry stuff. That was the heart of the problem. Once that was completed, I ran a few more virus checks, and did a msft update and got the system fully up and running again.

I'm very pleased with how microsoft helped me. I should have gone straight to them, and in the future that is what I'm going to do!

Right now, I have a paid computer expert in my office, and he's analyzing our operation. We have service through comcast, and he informs me... that norton antivirus is FREE, full version, due to our business with comcast. We were not aware of this.

I hope my description above is helpful for all freepers.

[Ol' Sox]

Something is seriously wrong with these AMD Athlon 64 processors Those Athlon 64 chips are slow because, well, they're slow...Here's a list of CPU benchmarks that you can use to compare them to others currently available.

http://www.cpubenchmark.net/cpu_list.php

[martin_fierro]

Wow, yitzy new Ping graphic!

[Vendome]

It happens.

Last year I was looking for a picture to post and I think I accidentally installed some scare-ware.

No problemo. I already had Malwarebytes.

I ran it and it clobbered most of the scumbags program. Ran Spybot and got the rest.

If you already have the tools you can zap these punks pretty quick.

I think the people who create these programs should be summarily shot or hung in the town square.

[i_robot73]

I use Comodo I.S. suite. Handles the firewall and AV well enough. Just watch the pop-ups of the ‘allow/deny’ (who’s doing what) and all is good.

[Yorlik803]

the same thing here....I went to Kasperskys website and downloaded TDSSKiller. Follow the directions and it should fix the issue.
As an aside...wouldnt you like to find the jackass who sits in their mother basement and write these thing. I would thread fishing line thru their nipples and string them up.
But that is just me....

[roamer_1]

On a personal note, I am sorry I didn't stick around to help you on your thread. I actually landed on your thread, but stepped off to help another poster to the thread in PVT mail... It sounds to me as though you had a rootkit, and those must be handled differently than other things - If you don't kill the rootkit, which is hidden from the system, it will just continue to repopulate the bugs on your system. Happy you got it sorted.

Norton is CRAP. *PTOOEY*!!

More infected machines come across my bench with Norton onboard than any other thing. By an order of magnitude. It also uninstalls poorly, so other AV's won't install until one cleans up Norton's mess. If there is a single program on the entire planet I would most desire to lead folks away from, It would be Norton (though Internet Exploder would follow closely). Also McAfee and Trend PC-Cillin.

Kaspersky AV is the undisputed KING of Anti-virus software... Followed closely by Nod32 by Esset. Under them, F-Protect/F-Secure, BitDefender, Sophos, and AntiVir are all mighty and dependable.

Best bang-for-buck is an insignificant difference among them all for one machine...But for multiple computers: F-Protect. Their common license allows 5 computers for roughly 45/yr. For another 10 bucks, their corporate license ups that to ten computers. But if security is your main concern, Kaspersky is the year-for-year reliable monster in the house.

For FREE AV, ONLY Microsoft Security Essentials and AntiVir need apply. And since AntiVir lacks E-mail protection, MSE is really it. About half of my client base is having trouble financially, and are running MSE with very few problem cases returning. My own service boxes run Kaspersky, but my personal boxes (family) run MSE.

DO NOT use "Security Suites," no matter the brand name. These monolithic one-step-wonders are heavy on the system, intrusive, and less effective than a good multi-level defense using diverse tools.

Malwarebytes is a great tool, and is current king of the spyware tools. BUT, it is ONLY a spy-ware/ad-ware remover, not an antivirus. It should be used in conjunction with a serious antivirus, and should be on your box.

Spybot Search and Destroy is another AntiSpy tool that goes on every box that crosses my bench. Beside its use as a backup to Malwarebytes, it's passive immunization feature costs nothing in system resources, and it has other great tools (such as a robust startup control, easy ActiveX and BHO removal, etc) in advanced mode. NOTE: Turn OFF teatimer whitelist tool during install unless you know what a whitelist is for.

SuperAntiSpyware is also a great antispy tool, and can be used to replace Malwarebytes on systems with low resources.

In summary: An Antivirus, Spybot Search & Destroy, and EITHER Malwarebytes OR SuperAntiSpyware. Only the Antivirus needs to be running realtime, so one can use the free version of the other software, providing that you WILL run manual scans on your own (say weekly or bi-weekly).

Do *NOT* use Internet Exploder for surfing! ActiveX, A subcomponent of IE which allows for installation/running from the web (among other things), is hopelessly exploitable. Use Firefox for surfing (NEVER install the ActiveX helper add-on).

[paulycy]

All Free, Excellent WIN protection:

COMODO Firewall
AVAST! Anti-Virus
Malwarebytes
Spybot S&D.
Firefox browser.

I’ve used this combo for years and put in on all my family’s computers (non-techies) and had virtually no problems. Every once in a while something will slip though - usually a new hijacker or something, and it gets cleaned up quickly.

No cost, daily updates, excellent protection over the years.

[Poser]

“Get Carbonite, you’ll never lose anything.”

Maybe not your data, but you still have to reinstall the operating system and programs.

[Varmint Al]

The ultimate backup. I use Norton Ghost 2003. I have bootable floppy converted over to a bootable CD. About every 2 weeks I write a disk image of my C-Drive onto my K-Drive. I have an external USB 1Tb drive and I write the C-Drive image file to it. 

If I have a problem it is a simple matter to use Ghost and write the good image back to my C-Drive. It only takes about 8 minutes to completely restore the C-Drive. I have even used Ghost to restore the C-Drive if I install some software that trys to take over my system. 

As an Ultimate backup I have hard drive that I made a clone of my complete hard drive. It is on a shelf ready to replace my complete system if I have avery difficult problem. 

I also use AVAST, HiJackThis, and Malwarebytes to frequently check my system. AVAST has not let a single problem into my computer in 3 years, since I dumped Norton.

Good Hunting... from Varmint Al

[Eaker]

All of us don’t own the corporation that we work for so your suggestions are a waste of time in the real world.

But thanks for reminding us all of how superior you are.

Maybe just recommend a newspaper or a book instead of the Internet?

[databoss]

I assume you reinstalled XP pro...this is a common scenario that it runs better after a reinstall but it will bog down with patches and software but most likely your office systems are loaded with malwsre and viruses. Buy Mac or learn about Linux because windows eat shoot and your dollars...

[Gene Eric]

>> My virus, trojan, malware experience..and resolution

Is malware some type of cortisone?

[Eaker]

use a Linux distro or buy a Mac

Not if you want to work at most jobs like a real person.

At my office the employees don't buy their own computers, they use the ones we supply and the software we give them.

[Eaker]

Is it as user friendly as that website?

[conservatism_IS_compassion]

Allow me to be the first to say this...

And I know I’ll get trashed — but it HAS to be done... ;)

Get a Mac!

but it HAS to be done... ;)

That whole "independent thought" thing is way over rated.

I know... but when you’re just kidding, what does it hurt?

:D

Hoss

Nothing until somebody thinks their favorite product or company has been dissed. Then it can be a really, really big deal. Depending on what product or company it is.

Computer users invest their own time, concentration, and patience - on top of a not-inconsiderable amount of money - in getting their computers and learning how to use them for their purposes. It is human nature to be reluctant to conclude that they have made a mistake in a purchase into which they put that much - so, paradoxically, the more reason there is to believe that they have made a mistake, the more resistant to reality they become.

Until and unless they finally reach a breaking point, and become bitter towards their erstwhile love.

[raybbr]

The key to Malwarebytes is that you have to run it in safe mode. When you get these virii, restart in safe mode and then run MB.

[tacticalogic]

Computer users invest their own time, concentration, and patience - on top of a not-inconsiderable amount of money - in getting their computers and learning how to use them for their purposes. It is human nature to be reluctant to conclude that they have made a mistake in a purchase into which they put that much - so, paradoxically, the more reason there is to believe that they have made a mistake, the more resistant to reality they become.

It's also human nature to believe that what works for you should work for everyone else, and people can be reluctant to admit that not everyone needs or wants what they have, and that it's rude to immediately assume should, and that they screwed up because they didn't.

[DollyCali]

BTTT n Bookmark. Thanks for info. I use an iMac but also have a notebook PC. I am very selective where I go with the PC. If I could afford it, would get an iPad and MacBook Pro 15-inch Notebook - just for the peace of mind. I cannot tell you the grief I have had over the years with PCs

[Lees Swrd]

LOL I used to be the worlds worst with Windows reinstall the system two or three times a week if not more, then one day I saw a copy of Mandrake Linux for $9.95 installed it in 1998 I think and never looked back. Of course thats been many computers and OSs since.
I also had an old Mac the OS was corrupted and I installed Yellow Dog Linux on it and it purred like a kitten need an OS for a Mac that works and it is free Yellow Dog Linux.

[conservatism_IS_compassion]

That too.